Tuesday 31 July 2007

F-Secure Reverse Engineering Challenge 2007

Be ready to compete in the F-Secure Reverse Engineering Challenge (http://www.khallenge.com) this Friday. I expected the challenge to start on Thursday like last year, so now I have a scheduling conflict!

It looks like the challenge is organized like last year: go to the website and download the first challenge. Start the program, and provide the correct password (this is where reversing skills come in handy). You’ll be given an e-mail address in exchange for the correct password (a wrong password yields no e-mail address).

Send an e-mail to the address and you’ll get an URL in reply. Download the second challenge and repeat the process. And finally: download the third challenge and repeat the process.

Now honestly, I don’t expect Challenger to be of any help, except with a dictionary attack on the first challenge. Last year, the passwords for the second and third challenge were so long that brute-forcing was no option.